APT / THREAT GROUP · ESPIONAGE · ADVANCED

ChainedShark

2 aliases
Last seen: Mar 17, 2026

Intelligence Profile

ChainedShark is an APT group targeting China's scientific research sector, particularly professionals in international relations and marine technology, with the intent to steal sensitive data. The group employs advanced techniques, including executable file reconstruction to create fragmented shellcode, and utilizes social engineering tactics to exploit professional scenarios for deceptive attacks. ChainedShark demonstrates a high level of technical sophistication, integrating N-day vulnerability exploits and custom trojans within meticulously designed attack chains. Its operations reflect a mature attack infrastructure and a clear evolutionary trajectory in tactics and execution.

Threat Analysis

ChainedShark is an advanced-sophistication threat actor of undetermined national origin, engaged in cyber operations with a primary motivation of espionage.

The group's espionage-oriented operations suggest a state-sponsored or state-aligned mandate, typically focused on stealing intellectual property, government secrets, or military intelligence. Targets are usually selected for strategic value rather than financial gain.

Classified as an advanced threat actor, ChainedShark likely develops or acquires zero-day exploits, employs custom malware toolchains, and demonstrates long-term persistence capabilities — hallmarks of a well-resourced operation consistent with nation-state backing.

Quick Facts

Type: APT / Threat Group
Motivation: Espionage
Sophistication: Advanced
Aliases: 2
Source: Malpedia

Also Known As

Actor240820, ChainedShark

Data sourced from Malpedia, Ransomware.live, RansomLook, and CTIWATCH OSINT collection. Actor attribution is based on available intelligence and may be incomplete.